[Freeipa-users] sudo not work in linux

2015-09-23 Thread alireza baghery
hi i have centos 6.7 (ipa server) and i have centos 6.5 (client) i can not sudo on client i add rule sudo on ipa i config file sss.conf +++ [domain/l.infotechpsp.net] debug_level = 6 #cache_credentials = True #krb5_store_password_if_offline = True ipa_domain = l.infotechpsp.net id_provider =

[Freeipa-users] problem in ipa trust with AD

2015-09-09 Thread alireza baghery
hi i install centos 6.7 trust with Windows 2008 r2 (User AD can not Login) and get log in IPA SERVER file: /var/log/krb5kdc.log domain IPA: l.infotechpsp.net ++ Sep 09 15:09:20 ipareplica.l.infotechpsp.net krb5kdc[1518](info): AS_REQ (4 etypes {18 17 16 23}) 10.30.120.20:

Re: [Freeipa-users] user AD not login but user freeipa can login

2015-09-05 Thread alireza baghery
debug_level = 6 and Error /var/log/sssd/sssd_l.test.com ++ [ipa_s2n_exop_done] (0x0040): ldap_extended_operation result: Operations error(1), Failed to handle the request. [ipa_s2n_get_user_done] (0x0040): s2n exop request failed. +++ On Sat, Sep 5, 2015 at 10:34 AM, alireza baghery

[Freeipa-users] user AD not login but user freeipa can login

2015-09-05 Thread alireza baghery
hi i have centos 6.7 (ipa server) and TRUST with windows 2008 r2 (AD) clients centos 6.7 (ipa client sssd 1.12.4) kinit userAD on linux execute successful but users AD not login -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users

[Freeipa-users] User AD can not Login Client Linux

2015-08-23 Thread alireza baghery
Hi i install Centos 7.1 (IDM Server) and integrate with Windows SERVER 2008 R2 Trust USER AD can not Login on client (OLE 6.6) but User create idm can login name IDM SERVER= ipasrv.l.infotechpsp.net domain Windows = infotechpsp.net i execute [ kinit abagh...@infotechpsp.net] on IDM Server and

[Freeipa-users] not login users AD (2008R2 ) on linux

2015-08-17 Thread alireza baghery
hi i install CentOS 6.5 and IPA 3.0.0..37 and Trust with Windows 2008 R2 everyting OK and user AD Login on Linux but i install replicator ipa three week ago and two days User AD can not login on Linux but User IPA can Login on Linux ===Error on '/var/log/secure Aug 17 14:48:20 dwn1 sshd[51694]:

Re: [Freeipa-users] problem with reinstall ipa client

2015-04-25 Thread alireza baghery
thanks i remove /etc/ipa/ca.cert and problem solved On Sat, Apr 25, 2015 at 4:26 PM, alireza baghery baghery.j...@gmail.com wrote: thanks i remove /etc/ipa/ca.cert and problem solved On Sat, Apr 25, 2015 at 4:16 PM, Dmitri Pal d...@redhat.com wrote: On 04/25/2015 01:27 AM, alireza

[Freeipa-users] problem with reinstall ipa client

2015-04-24 Thread alireza baghery
hi i REMOVE server ipa-server (3.0.0 centos 6.5) with HOSTNAME (ipasrv.linux) and REINSTALL server ipa with same hostname and OS (centos 6.5) server IPA integrate with AD windows (2008) and on Clients first Uninstall IPa-Client with Command ipa-client-install --uninstall but when i want INSTALL

[Freeipa-users] problem with sssd in centos 6.5

2015-03-15 Thread alireza baghery
hi i install centos 6.5 (sssd client 1.9) when i execute any command process sssd_be on 100 percentage and when sssd_client update 1.11 ipa-client do not work how to solve this problem -- Manage your subscription for the Freeipa-users mailing list:

[Freeipa-users] ipa replication not working

2015-02-16 Thread alireza baghery
i install IPA on CENTOS 6.5 with Replication when configure every role in IPA, role Copy to Replica but Conversely, it does not work (role from Replica DO not copy to IPA) i do the following: *on server IPA:* #ipa-replica-manage list ipa... master ipareplica...master #ipa-replica-manage list

Re: [Freeipa-users] error install replication

2015-02-09 Thread alireza baghery
ipasrv# Service SSSD status sssd is runing nevertheless i restart service sssd but problem do not solved On Mon, Feb 9, 2015 at 11:19 AM, Martin Kosek mko...@redhat.com wrote: On 02/09/2015 07:42 AM, alireza baghery wrote: i check on both server ssh each other's name and ssh successful

Re: [Freeipa-users] error install replication

2015-02-09 Thread alireza baghery
[13415]: fatal: Access denied for user admin by PAM account configuration On Mon, Feb 9, 2015 at 3:20 PM, Martin Kosek mko...@redhat.com wrote: Did you try the ssh admin@`hostname` command? It should show if ssh to admin via SSSDFreeIPA really works. On 02/09/2015 11:18 AM, alireza baghery wrote

Re: [Freeipa-users] error install replication

2015-02-09 Thread alireza baghery
account admin recognize and show uid gid and groups On Feb 9, 2015 1:42 PM, Martin Kosek mko...@redhat.com wrote: Ok. When on the server, does # id admin or ssh admin@`hostname` work? Maybe it does not recognize the admin user. On 02/09/2015 09:29 AM, alireza baghery wrote: ipasrv

Re: [Freeipa-users] error install replication

2015-02-09 Thread alireza baghery
thanks On Mon, Feb 9, 2015 at 6:42 PM, Martin Kosek mko...@redhat.com wrote: On 02/09/2015 03:31 PM, Dmitri Pal wrote: On 02/09/2015 08:34 AM, alireza baghery wrote: yes try ssh admin@hostname but do not work log secure- Feb 9 15:42:20 ipasrv sshd[13414]: pam_unix(sshd:auth

[Freeipa-users] error install replication

2015-02-08 Thread alireza baghery
hi i install ipa on centos 6.5 and want install replica for purpose i do the following task: ipa-install-prepare --ip-address (replica) replica (replica) namserver ipa (replica) ipa-replica-install but in Connetcon Check get ERROR ===message stdout replica=== Connection from

Re: [Freeipa-users] error install replication

2015-02-08 Thread alireza baghery
i check on both server ssh each other's name and ssh successful and resolve name was also correct on each server but i can not login with user admin from ipareplica via ssh (root@ipareplica]# ssh admin@ipasrv === failed) [root@ipareplica ~]# ssh ipasrv root@ipasrv's password: Last login: Mon Feb

[Freeipa-users] ipa replica (centos 6.5) integrate with AD 2008

2015-02-04 Thread alireza baghery
hi i integrated ipa (centos 6.5) with AD windows server 2008 and anything do work i install replica server as follow: #(ipaserve ipa): replica- prepare ipareplica. example. com - - ip- address 192. 168. 1. 2 scp /var/lib/ipa/replica- info- ipareplica. example. com. gpg

[Freeipa-users] problem users AD can not sudo in centos 6.6

2015-01-03 Thread alireza baghery
hi i integrated AD windows 208 R2 with IPA server (centos 6.5) i write policy for user test execute any command on any host user test can execute sudo on cetnos 6.5 but on centos 6.6 can not (sudo get error) confige sssd.conf = [domain/l.example.com] debug_level = 6

[Freeipa-users] Fwd: problem users AD can not sudo in centos 6.6

2015-01-03 Thread alireza baghery
hi i integrated AD windows 208 R2 with IPA server (centos 6.5) i write policy for user test execute any command on any host user test can execute sudo on cetnos 6.5 but on centos 6.6 can not (sudo get error) confige sssd.conf = [domain/l.example.com] debug_level = 6

[Freeipa-users] syslog

2014-09-23 Thread alireza baghery
hi i have configured ipa (ipa on centos 6.5) and configure rsyslog for send log to syslog server (juniper strm) in strm get error unknown generic log event or log linux (on server install ipa client) but with another server linux not problem -- Manage your subscription for the Freeipa-users

[Freeipa-users] problem with log in ipa

2014-09-23 Thread alireza baghery
hi i have configured ipa (ipa on centos 6.5) and configure rsyslog for send log to syslog server (juniper strm) in strm get error unknown generic log event (log's ipa clients ) but with another server linux not problem -- Manage your subscription for the Freeipa-users mailing list:

[Freeipa-users] log activity users ipa

2014-09-01 Thread alireza baghery
hi i have configured ipa (ipa on centos 6.5) but the problesm is i dont know where the logs activity users stored? i meens logs activity users must stored in ipa server, but where? thanks every body -- Manage your subscription for the Freeipa-users mailing list:

Re: [Freeipa-users] log activity users ipa

2014-09-01 Thread alireza baghery
activity that users perform on client (ipa client) On Mon, Sep 1, 2014 at 11:12 AM, Dmitri Pal d...@redhat.com wrote: On 09/01/2014 08:29 AM, alireza baghery wrote: hi i have configured ipa (ipa on centos 6.5) but the problesm is i dont know where the logs activity users stored? i

Re: [Freeipa-users] users AD can not sudo in centos 6.5

2014-08-26 Thread alireza baghery
sorry for delay file sssd.conf: == domain/example.com] debug_level = 6 cache_credentials = True krb5_store_password_if_offline = True ipa_domain = l.example.com id_provider = ipa auth_provider = ipa access_provider = ipa ipa_hostname = client1.l.example.com chpass_provider = ipa

[Freeipa-users] users AD can not sudo in centos 6.5

2014-08-25 Thread alireza baghery
hi i integrated AD windows 208 R2 with IPA server (centos 6.5) i write a sudo policy and access for specified user and host with allow any command. user can execute sudo in centos 7 but when user loggin on centos 6.5 can not execute sudo and get error below user@AD is not in sudoers file. i

[Freeipa-users] i inetgrated ipa server with AD but users AD can not loggin on server linux?

2014-08-20 Thread alireza baghery
hi Having a particularly weird problem. We have moved from AD(windows 2008 R2) to ipa server(centos 6.5). and i integrated ipa with AD machine linux joined with ipa and machine windowse joined with AD. users AD can loggin in cli mode in system linux (centos 6.5) but can not

Re: [Freeipa-users] i inetgrated ipa server with AD but users AD can not loggin on server linux?

2014-08-20 Thread alireza baghery
yes right. ipa trust relation with AD and subdomain AD. yes gde produce log On Wed, Aug 20, 2014 at 5:27 PM, Dmitri Pal d...@redhat.com wrote: On 08/20/2014 01:45 PM, alireza baghery wrote: hi Having a particularly weird problem. We have moved from AD(windows 2008 R2) to ipa